- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Developer Manual
- API Documentation
- Bucket Configuration
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotating
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Pipeline Operators
- Limiting Output Image Size
- Supported Fonts
- Image Styles
- Image Compression
- Blind Watermarking
- Persistent Image Processing
- Basic Image Processing
- AI-Based Content Recognition
- Media Processing
- Common Request Headers
- Common Response Headers
- Error Codes
- Template APIs
- Media Bucket APIs
- Queue APIs
- Job APIs
- Animated Image Job APIs
- Screenshot Job APIs
- Transcoding Job APIs
- Intelligent Thumbnail Job APIs
- Splicing Job APIs
- Multi-Job APIs
- Video Montage Job APIs
- Voice/Sound Separation Job APIs
- Video Enhancement Job APIs
- SDR-to-HDR Job APIs
- Super Resolution Job APIs
- Audio/Video Segmentation Job APIs
- Media Information Query Job
- Media Screenshot API
- Media Information API
- Workflow APIs
- Private M3U8 API
- Callback Content
- Error Codes
- SDK Documentation
- FAQs
- Contact Us
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Developer Manual
- API Documentation
- Bucket Configuration
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotating
- Converting Format
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Pipeline Operators
- Limiting Output Image Size
- Supported Fonts
- Image Styles
- Image Compression
- Blind Watermarking
- Persistent Image Processing
- Basic Image Processing
- AI-Based Content Recognition
- Media Processing
- Common Request Headers
- Common Response Headers
- Error Codes
- Template APIs
- Media Bucket APIs
- Queue APIs
- Job APIs
- Animated Image Job APIs
- Screenshot Job APIs
- Transcoding Job APIs
- Intelligent Thumbnail Job APIs
- Splicing Job APIs
- Multi-Job APIs
- Video Montage Job APIs
- Voice/Sound Separation Job APIs
- Video Enhancement Job APIs
- SDR-to-HDR Job APIs
- Super Resolution Job APIs
- Audio/Video Segmentation Job APIs
- Media Information Query Job
- Media Screenshot API
- Media Information API
- Workflow APIs
- Private M3U8 API
- Callback Content
- Error Codes
- SDK Documentation
- FAQs
- Contact Us
CI uses signatures to verify the validity of requests. The developer authorizes a signature to the client for it to upload, download, and manage the specified resources.
When using CI, you can call RESTful APIs to initiate anonymous or signed HTTP requests. For signed requests, the server will validate the identity of the requester.
- Anonymous request: an HTTP request that does not carry any authentication information, and is sent using RESTful APIs.
- Signed request: an HTTP request that carries a signature. The server will authenticate requesters and only execute requests initiated by authenticated ones. If the authentication fails, the server will return an error message and deny the request.
CI uses the same signature algorithm as Cloud Object Storage (COS) and uses Hash-based message authentication code (HMAC) custom solutions for identity verification.
Signature algorithm
Currently, CI has integrated with COS, meaning that you can use a COS domain to process images. The signature version required is different for CI and COS domains.
- CI domain: formatted as
<bucketname-appid>.<picture region="">.myqcloud.com/<picture name="">(for example,examplebucket-1250000000.picsh.myqcloud.com/picture.jpeg). It uses JSON signatures. - COS domain: formatted as
<bucketname-appid>.cos.<region>.myqcloud.com(for example,examplebucket-1250000000.cos.ap-shanghai.myqcloud.com/picture.jpeg). It uses XML signatures. For more information about XML signatures, please see Request Signature.
Signature scenarios
| Scenario | Applicable Signature | |
|---|---|---|
| Processing data upon download | Hotlink protection not enabled | No signature verification |
| Hotlink protection enabled | Signature verification | |
| Processing data upon upload | Persistent processing | XML signatures |
| Bucket API calls | Query, activation, deletion, etc. | XML signatures |
| Content recognition | Detecting pornographic, political, or violent/terror content | XML signatures |
Signature tools
To generate a signature, you need the APPID (e.g., 1250000000), bucket name (e.g., examplebucket-ci), as well as the SecretID and SecretKey of the project.
The following describes how to obtain the information above:
- Log in to the CI console and click Bucket Management on the left sidebar.
- Click the name of the desired bucket.
- Click Bucket Configuration to view the bucket name and bucket ID. If there is no bucket created for the current project, you can create one by referring to Creating Buckets.
- Log in to the CAM console and go to Manage API Key to get
SecretIDandSecretKey.
The signature calculation process of CI is the same as that of COS. You can use a COS signature tool to generate a signature version you need according to the signature scenario.
Using a signature
Signed HTTP requests sent via RESTful APIs can pass the signature in the following ways:
- Pass through a standard HTTP
Authorizationheader, such asAuthorization: q-sign-algorithm=sha1&q-ak=...&q-sign-time=1557989753;1557996953&...&q-signature=... - Pass as an HTTP request parameter (be sure to URL-encode), such as
/exampleobject?q-sign-algorithm=sha1&q-ak=...&q-sign-time=1557989753%3B1557996953&...&q-signature=...
Note:In the example above,
...are the signatures.
Yes
No
Was this page helpful?